Outline for March 11, 1999
- Greetings and felicitations!
- Network Security
- Same issues as for general computer security; only mechanisms different
- Typically don't rely on network hardware to protect things
- Must use cryptography
- Network Environment
- Quick review of ISO/OSI model
- Link v. end-to-end encryption
- Security Threats and Countermeasures
- snooping
- modification
- masquerading
- replay
- delay
- denial of service
- repudiation of origin
- denial of receipt
- Example Design: Electronic Mail
- Review desired security services
- Basis
- PEM protocol
- Certificate-based key management vs. secret key management
- Comparison to PGP
- Example Existing Protocol: NTP v 2
- Protocol to synchronize clocks on the Internet
- Primary time servers: synced to an external time system (eg, atomic
clocks)
- Go through cloud hierarchy (and cohorts), stratum layer (distance from
primary) , synchronization
- Association modes: client (sends message to peer, can reset time), server
(replies to sent message), broadcast (send out periodic messages); higher up,
symmetric active and symmetric passive: association periodically sends out
broadcast messages; on arrival, symmetric passive association is created, looks
at source; if source at higher stratum, reply and terminate; otherwise, reply,
and source synchronizes itself to peer. Also, allow control messages.
- Selection of source peer, smoothing of data: retains last 8 values of
(delay, clock offset), and chooses point with lowest delay, and sets
dispersion. Best source chosen from the sets (one per possible source).
- Packet receipt, sending: on receipt, if connections compatible, checks not a
duplicate by looking at transmit times, checks the last packet received by peer
was the last one sent; on failure, set sanity check but continue. Update
association to reflect data in newly-0arrived packet; check peer clock, stratum
level, validate 2-way communication. If sanity check set, exit. Else estimate
delay, clock offset, dispersion, and update local clock.
- Delay compensation: statistical in nature, calculates delay and clock offset
relative to peer
- Access Control: trusted (can synchronize to), friendly (can synchronize),
all others (ignore) -- relies on unauthenticated source information in packet
- Authentication: optional, uses pairwise secret keys. Authenticator excluded
from integrity checking; no key distribution mechanism.
- asquerade
- Send packets with bogus source; peer determined by source and destination.
- Effect: if fake host known to victim and can synchronize clock, may be
ignored due to sample processing and selection operations.
- Can cause offsets, delays to alter gradually; victim's clocks will drift
- If unknown to victim and can become clock source, can flood with 8 messages
and assuming victim gets no others, can now control what is discarded; or,
claim low stratum number. Either way, attacker tends to become source
- See request, send response before legitimate response; real one discatded
- Analysis of NTP: Modification
- Alter a message to cause recipient to resynchronize, or to break an
association
- Look at allgorithm; variables reset before packet alteration acted upon
- Can alter packet precision, time of sending, and time of last message
reception; all others cause discard before changing time (but may change
association parameters)
- precision: can increase round-trip delay or decrease it (to make it more
likely impersonated host will be new time source)
- Other two: used to adjust clock offset and delay, so can affect choice of
source and frequency of contact
- DoS: version, association mode deny services
- stratum alters stratum of peer, making it more likely to be a clock source
- poll: how often peer is polled (certain limits)
- distance: affects delay that victim percieves from primay, and hence affects
clock source selection
- Replay
- To cause recipient to resynchronize, or to disable an association
- Alternate 2 recorded packets; either they get tossed (new source) or victim
isolated
- Can set clock backwards
- Denial of Service
- Clock runs on its own power; can cause large errors
- Fixes
- External
- Internal: use authentication and include the key index (authenticator).
Change peer variables only after authenticating packets. Disallow clocks being
set backwards.
You can get this document in
ASCII text,
Framemaker+SGML version 5.5,
PDF (for Acrobat 3.0 or later),
or
Postscript.
Send email to
[email protected].
Department of Computer Science
University of California at Davis
Davis, CA 95616-8562
Page last modified on 3/18/99